Anti-fraud financial transactions system

ABSTRACT

Users can conduct financial transactions in a secure manner without the need to use any traditional financial instrument, such as credit card, debit card, ATM card, gift card, stored value card, prepaid card, cash, check, coupon, token, ticket, voucher, certificate, note, security, etc. In addition, users&#39; identities are kept confidential in the transactions without violating the Anti-Money Laundering and Anti-Terrorist Financing requirements.

CROSS REFERENCE TO RELATED APPLICATION

This application claims the benefit of U.S. Provisional PatentApplication No. 61/628,114, filed on Oct. 25, 2011, in the names ofSong, et al., the disclosure of which is expressly incorporated byreference herein in its entirety.

TECHNICAL FIELD

The present disclosure relates generally to financial transactionsystems. More specifically, the present disclosure enables theconducting of financial transactions without using traditional financialinstruments.

BACKGROUND

Traditional financial instruments include credit cards, debit cards, ATMcards, gift cards, stored value cards, prepaid cards, cash, checks,coupons, tokens, tickets, vouchers, certificates, notes, security, etc.These traditional financial instruments can be easily stolen andfabricated. For example, by bribing a waiter in a restaurant, afraudster can easily steal the card information from a guest of therestaurant. The fraudster can use the stolen card information for payinga nominal fee to numerous background search websites on the Internet, toacquire useful personal information based on the cardholder's name shownon the stolen card. Once this personal information is obtained, acounterfeit card and a counterfeit identification document, such as adriver's license, can be easily fabricated with current technology.

Once a fraudster has stolen or fabricated a financial instrument, thefraudster can quickly conduct many illegal financial transactions beforethe affected financial institutions, organizations or individualsidentify the fraud and disable the financial instrument. Manyindividuals, organizations and financial institutions have sufferedtremendous material losses and damages as a result of fraudulentfinancial transactions.

In fact, stealing financial instruments is easy today. Many financialinstitutions and merchants store their clients' personal information,including the information of the financial instruments (e.g., creditcards, debit cards, etc.), in databases. There are many cases whereemployees of financial institutions, merchants, or consumer reportcompanies steal customers' information, commit fraud, and/or sell theinformation to fraudsters.

In addition, checks are still one of the most popular financialinstruments today. Unfortunately, fabricating a counterfeit check iseasier than fabricating a counterfeit card. There are numerous fraudcases related to counterfeit checks that are used together withcounterfeit identification documents.

Furthermore, an online merchant cannot easily tell whether a remoteconsumer has the correct identity. If correct card information, whichcan be obtained from a stolen card, and a correct billing address, whichcan be obtained from Internet search websites, are presented, themerchant cannot easily tell whether the remote consumer is actually afraudster. An experienced fraudster can easily conduct fraudulent onlinetransactions in this manner. As a result, online merchants are exposedto a tremendous amount of monetary losses every year.

Furthermore, mailing new financial instruments to new customers orexisting customers when their old financial instruments expire is amajor expense to financial institutions. In addition to the huge amountof resources used in this mailing process, these financial instrumentscan be easily stolen during the mailing process and used to commitfraud.

In summary, fraudulent financial transactions can be easily committedtoday, and individuals, organizations, merchants and financialinstitutions are suffering enormous losses and damages usingconventional financial transaction systems.

SUMMARY OF THE DISCLOSURE

The present disclosure enables consumers to conduct financialtransactions in a secure manner without using traditional financialinstruments, which are easily stolen and/or fabricated.

In one aspect of the present disclosure, consumers can conduct financialtransactions without having to carry a traditional financial instrument.

Traditionally, a client of a financial institution is identified by anaccount number. For example, a credit card has a credit card accountnumber. A check has a checking account number. A stock trading accounthas a trading account number. An insurance policy holder has a policynumber (or an account number). This is the traditional way for financialinstitutions to identify and manage billions of clients without anyconfusion.

Because an account number is generally very long, clients are generallyunable to memorize their account numbers. As a result, it is customaryfor a financial institution to issue a financial instrument thatdisplays the account number or contains this information on a readablemedium, such as a magnetic strip. Therefore, financial transactions aretraditionally conducted through financial instruments.

If the financial instrument information of a consumer is stolen,however, a fraudster can use the stolen information to fabricate acounterfeit financial instrument or provide fraudulent instructions tosteal funds. Therefore, protecting a customer's financial instrumentshas been essential to preventing financial transactions fraud.

Many methods have been disclosed to protect financial payment cards. Forexample, some methods suggest providing consumers with temporary cardnumbers that automatically expire when certain criteria is met. Somemethods suggest that cardholders should deactivate their card accountswhile they are not using the cards and activate their card accountsagain before they use their cards. In general, these methods createsignificant expenses for financial institutions and consumers, and oftencreate more confusion than protection for the consumers.

Furthermore, each temporary card number issued by a financialinstitution must be able to uniquely identify the cardholder.Unfortunately, ensuring that the temporary card number is unique is adifficult task. For example, if the financial institution uses a “cardnumber generator” for producing a temporary card number that will onlyrepeat itself after the generator has produced many additional temporarycard numbers, the information and algorithm of this “card numbergenerator” can be stolen by fraudsters. A fraudster can duplicate a“counterfeit card number generator” and synchronously produce“counterfeit temporary card numbers” that are identical to the temporarycard numbers produced by the real card number generator. Consequently,these “counterfeit temporary card numbers” can also be used tofraudulently purchase goods and services.

To avoid the potential problem of identical counterfeit temporary cardnumbers, a financial institution can use a “random number generator” torandomly produce new temporary card numbers. To ensure that a newrandomly-generated card number is truly unique; however, the financialinstitution compares the new temporary card number with all previouslyproduced temporary card numbers. If a new temporary card number is notunique, the financial institution randomly generates another newtemporary card number and compares the new temporary card number withall active, old temporary card numbers to avoid duplication. When manyexisting numbers have already been generated, this process repeats untila truly unique, new temporary card number is randomly generated. Thisprocess is not practical because too much time and computer processingpower is involved in producing a unique, randomly generated temporarycard number.

Moreover, to be unique, a temporary card number should contain enoughdigits so that it will not easily repeat itself. A typical consumercannot remember a long number. As a result, the long card number isgenerally written down on a piece of paper, which can also be stolen bya fraudster.

Alternatively, a long temporary card number can be sent to the mobilephone or computer of the consumer to avoid the consumer's memorizationof the temporary card number. Manual entry of a long temporary cardnumber provided by the consumer into the merchant's point-of-saleterminal, however, becomes a painful and inconvenient payment process toboth the merchant and the consumer.

If a merchant is going to scan a bar code displayed on the mobile phoneof the consumer, which represents a temporary card number, the merchantneeds to change its point-of-sale terminal hardware and software toaccommodate the new payment method. Changing the point-of-sale hardwareand software costs money and time, thus merchants are less willing toadopt such a payment method. Also, a temporary card number sent to themobile phone of the consumer can be stolen by a fraudster during thedata transmission. As seen by the aforementioned examples, an idealanti-fraud payment solution is unavailable.

One aspect of the present disclosure reduces or eliminates dependence ontraditional financial instruments while strengthening the level offinancial security for all parties involved in financial transactions.

In one aspect of the present disclosure, a computer system conductsfinancial transactions without using traditional financial instruments.The computer system may include a processor and a memory device coupledto a network, and a database stored on the memory device. In oneconfiguration, the computer system stores contact information of auser's personal communication device associated with the user's account.A personal communication device may include a cellular phone, a mobilephone, a smartphone, a smartbook, a PDA, a personal computer, and otherlike portable devices with communication capability for personal use.

Using a personal communication device, the geolocation data of thepersonal communication device is sent to the computer system. Thecomputer system identifies the user account that is associated with thepersonal communication device from which the geolocation data was sent,and randomly generates a short passcode, (e.g., 4 digits long), with afixed lifetime. The computer system uses a communication module to sendthe passcode to the user's personal communication device in response toreceiving the geolocation data. The computer system associates thegeolocation data of the user's personal communication device and thepasscode with the user's account. The computer system also stores thisinformation in a database.

When this passcode is received from a subject (e.g., a merchant), thecomputer system compares the geolocation data associated with thepasscode to the geolocation data of the subject. If the comparison ofboth sets of geolocation data satisfies a pre-determined condition ofproximity and the passcode has not yet expired, the computer system usesa transaction processing module to permit the subject to conduct atransaction with the user's account.

When more than one passcode is found in the database that satisfies thepre-determined condition of proximity, the user provides additionalpersonal information or personal knowledge so the computer system canidentify the correct user account with which to conduct the transaction.For example, this additional information can be the last four digits ofthe user's personal communication device address or number, the firsttwo letters of the user's last name, the zip code of the user's mailingaddress, or other like additional information.

In another aspect of the present disclosure, a user selects a store onhis/her mobile device, and the store selection data is sent back to thecomputer system. The computer system identifies the user account that isassociated with the personal communication device from which the storeselection data was sent, and randomly generates a short passcode, (e.g.,4 digits long), with a fixed lifetime. The computer system uses acommunication module to send the passcode to the user's personalcommunication device in response to receiving the store selection data.The computer system associates the store selection data and the passcodewith the user's account; this information is stored in a database. Whena passcode is received from the selected store and the passcode has notyet expired, the computer system uses a transaction-processing module topermit the store to conduct a transaction with the user's account.

Because a typical store seldom has more than, for example, 9,999 personspurchasing goods and services at the same time, the chance of aduplicate passcode can be eliminated by reducing the lifetime of thepasscode. If there is a duplicate passcode found in the database for thesame store, then the user provides additional personal information orpersonal knowledge so the computer system can identify the correct useraccount with which to conduct the transaction, for example, as describedabove. Furthermore, a password can be requested from the user to furtherstrengthen the security of this payment method.

In this disclosure, a geolocation identifies the real-world geographiclocation of an object. There are several different formats forpresenting a geolocation. Regardless of which format is used, thelocation of an object can be obtained from its geolocation data after aproper translation. In addition, the distance between two geolocationscan be obtained through calculations. As described herein, the terms“location information” and “geolocation information” are usedinterchangeably in the present disclosure. Furthermore, the phrases“distance between two geolocations” and “distance between two locations”are used interchangeably in the present disclosure.

In this disclosure, the terminology “network” or “networks” generallyrefers to a communication network or networks, which can be wireless orwired, private or public, real time or non-real time, or a combinationof them, and includes the well-known Internet.

In this disclosure, the terminology “computer” or “computer system”generally refers to either one computer or a group of computers, whichmay work alone or work together to reach the purposes of the system.

In this disclosure, the terminology “processor” generally refers toeither one processor or a group of processors, which may work alone orwork together to accomplish the purposes of the computer system.

In this disclosure, a “bank” or “financial institution” generally refersto a financial service provider, either a bank or a non-bank, wherefinancial services or money services are provided.

In this disclosure, a “bank account” or “financial account” generallyrefers to an account associated with an organization, either a bank or anon-bank, where financial transactions can be conducted throughfinancial instruments such as cash, checks, credit cards, debit cards,ATM cards, stored value cards, gift cards, pre-paid cards, wires,coupon, token, ticket, voucher, monetary instruments, letters of credit,notes, securities, commercial papers, commodities, precious metal,electronic fund transfers, automatic clearing house, etc.

In this disclosure, “financial transactions” generally refer totransactions related to financial activities, including but not limitedto payment, fund transfer, money services, payroll, invoicing, trading,escrow, insurance, underwriting, merger, acquisition, account opening,account closing, etc.

In this disclosure, a “consumer” generally refers to a customer, person,subject, subject person, payer, user, or client, etc., seeking toperform a transaction with an individual, an organization, a merchant,and/or a financial institution.

In this disclosure, “personal identification information” generallyrefers to name, address, date of birth, personal identification number,user ID, password, tax identification number, type of the identificationdocument used, identity number associated with the identificationdocument, country, state, government organization and/or a privateorganization issuing the identification document, expiration date of theidentification document, phone number, screen name, e-mail address,photographs, fingerprints, iris scans, physical appearance descriptions,and other biometrical information.

In this disclosure, “personal information” includes at least personalidentification information, personal relationships, personal status,personal background, personal interests, personal knowledge, andpersonal financial information including information related tofinancial instruments, financial accounts, and financial activities.

In this disclosure, “financial instruments” generally refer toinstruments, which are used to conduct financial transactions. Examplesof financial instruments include cash, credit cards, debit cards, ATMcards, prepaid cards, stored value cards, gift cards, checks, monetaryinstruments, wire transfers, coupons, tokens, tickets, vouchers, lettersof credit, notes, securities, commercial papers, commodities, gold,silver, and other like tender.

In this disclosure, a “personal communication device” generally refersto a device interface used for personal communication purposes.

In this disclosure, a “device interface” generally refers to a keyboard,a keypad, a monitor, a display, a terminal, a computer, a control panel,a vehicle dash board, a network interface, a machinery interface, avideo interface, an audio interface, an electrical interface, anelectronic interface, a magnetic interface, an electromagnetic interfaceincluding electromagnetic wave interface, an optical interface, a lightinterface, an acoustic interface, a video interface, an audio interface,a contactless interface, a mobile phone interface, a smartphoneinterface, a Smartbook interface, other communication device interface,a Personal Digital Assistant (PDA) interface, a handheld deviceinterface, a portable device interface, a wireless interface, a wiredinterface, and other interfaces.

In this document, the terminology “terminal” or “kiosk” generally refersto equipment, including a computer and/or its peripherals,microprocessor and/or its peripherals, ATM terminal, check cashingkiosk, money services kiosk, merchant checkout stand, cash register,coin exchange machine, parking lot payment kiosk, other payment kiosks,contactless device, wire line phone, mobile phone, smartphone,Smartbook, personal communication device, PDA, digital assistant,entertainment device, network interface device, router, and/or PersonalDigital Assistant (PDA), etc., which interfaces a user with a computernetwork, so that the user may interact with computer systems and otherequipment connected to the computer network.

Reference should also be made to our co-pending U.S. patent applicationSer. No. 13/595,768, filed on Aug. 27, 2012, in the names of Song, etal., entitled “Transactional Monitoring System,” the disclosure of whichis expressly incorporated by reference in its entirety.

This has outlined, rather broadly, the features and technical advantagesof the present disclosure in order that the detailed description thatfollows may be better understood. Additional features and advantages ofthe disclosure are described below. It should be appreciated by thoseskilled in the art that this disclosure may be readily utilized as abasis for modifying or designing other structures for carrying out thesame purposes of the present disclosure. It should also be realized bythose skilled in the art that such equivalent constructions do notdepart from the teachings of the disclosure as set forth in the appendedclaims. The novel features, which are believed to be characteristic ofthe disclosure, both as to its organization and method of operation,together with further objects and advantages, will be better understoodfrom the following description when considered in connection with theaccompanying figures. It is to be expressly understood, however, thateach of the figures is provided for the purpose of illustration anddescription only and is not intended as a definition of the limits ofthe present disclosure.

BRIEF DESCRIPTION OF THE FIGURES

The features, nature, and advantages of the present disclosure willbecome more apparent from the detailed description set forth below whentaken in conjunction with the drawings.

FIG. 1 illustrates a system and network diagram of an Anti-FraudFinancial Transactions System (“AFTS”) to enable consumers, financialinstitutions and merchants to conduct secured financial transactionsaccording to one aspect of the present disclosure.

FIG. 2 is a flowchart of an example process, indicating how a new userregisters with the computer system of AFTS as shown in FIG. 1 accordingto one aspect of the present disclosure.

FIG. 3A and FIG. 3B are flowcharts of an example process, indicating howthe system shown in FIG. 1 enables a consumer to conduct securefinancial transactions with a retail store at point of sale according toone aspect of the present disclosure.

FIG. 4A and FIG. 4B are flowcharts of an example process, indicating howthe system shown in FIG. 1 enables a consumer to conduct securefinancial transactions with a retail store through an automatic checkoutstand according to one aspect of the present disclosure.

FIG. 5A and FIG. 5B are flowcharts of an example process, indicating howthe system shown in FIG. 1 enables a consumer to conduct securefinancial transactions with a retail store through his/her personalcommunication device according to one aspect of the present disclosure.

FIG. 6A and FIG. 6B are flowcharts of an example process, indicating howthe system shown in FIG. 1 enables a consumer to conduct securefinancial transactions with an online merchant through a deviceinterface according to one aspect of the present disclosure.

DETAILED DESCRIPTION

The detailed description set forth below, in connection with theappended drawings, is intended as a description of variousconfigurations and is not intended to represent the only configurationsin which the concepts described herein may be practiced. The detaileddescription includes specific details for the purpose of providing athorough understanding of the various concepts. However, it will beapparent to those skilled in the art that these concepts may bepracticed without these specific details. In some instances, well-knownstructures and components are shown in block diagram form in order toavoid obscuring such concepts. As described herein, the use of the term“and/or” is intended to represent an “inclusive OR”, and the use of theterm “or” is intended to represent an “exclusive OR”.

There are about seven billion people on earth and each one mustpotentially be uniquely identified to avoid confusion in financialtransactions. In addition, each financial institution that ownsfinancial accounts must be uniquely identified. That is why a creditcard number or a debit card number usually has a length of about 15 to20 digits.

Traditionally, a financial account is identified by an account number.For many people, it is difficult to remember an account number of 15digits to 20 digits, or a data string of equivalent length. Therefore, aconsumer usually carries a financial instrument that contains theaccount number or the account identification information.

Because financial instruments can be easily stolen or fabricated, oneaspect of the present disclosure eliminates the use of traditionalfinancial instruments. Nevertheless, traditional financial instrumentsalso provide an important function of linking a consumer to his/heraccount in a financial institution. Therefore, this linking function isreplaced with an alternative method, according to one aspect of thedisclosure, that eliminates traditional financial instruments.

One aspect of the present disclosure includes an Anti-Fraud FinancialTransactions System (AFTS) based on a computer system. The AFTS computersystem may include device interfaces, a central computer system havingmemory, a database, and peripherals connecting consumers, individuals,organizations, merchants, financial institutions, and the like throughthe device interfaces. In this configuration, the AFTS computer system(referred to as the computer system of AFTS, or the AFTS computer systemhereinafter) is used to manage the individuals, consumers,organizations, merchants, financial institutions, accounts, financialactivities, etc. on the computer network in a secure manner.

In one aspect of the present disclosure, once a consumer uploads his/hername and tax ID to open an account, the AFTS computer system verifiesthe existence of the consumer through government records. Once theexistence of the consumer is recognized, the account is opened for theconsumer. Because each consumer has a unique tax ID in a country, eachconsumer has only one chance to open an account with the computer of theAFTS. If a duplicate tax ID is detected, the AFTS computer system canconduct an investigation to identify the consumer with the correct taxID and filter out the fraudster. The tax ID can be encrypted in thedatabase of the AFTS computer system, or encrypted in a separatedatabase, so that the tax ID is secured after the account openingprocess.

Most countries have imposed anti-money laundering and anti-terroristfinancing obligations upon financial institutions. These financingobligations specify financial institutions to, for example, (1) verifyand record the sender's (payer's) and recipient's (payees')identification information, (2) check the sender (payer) and recipient(payee) against the “blacklists” published by various governments beforecompleting the transaction, and (3) detect any suspicious activitythrough transactional monitoring and report it to the governmentagencies.

The scope of transactional monitoring, as specified by law, is actuallyvery broad. For example, if a financial institution recognizes thatseveral different customers are sending money to the same recipient andthe aggregate amount is very large, the financial institution has anobligation to study the recipient and determines whether the customersand the recipient are financing terrorist activities. If the financialinstitution identifies any suspicious activity, the financialinstitution must report the case to a government agency.

If the financial institution recognizes that a consumer is paying arecipient, with a name that is similar to a name on a blacklistpublished by the government, the financial institution cannot completethe transaction until it has proven that the recipient is not on theblacklist.

Although specified by law, transactional monitoring is not possible inmany of today's transactions (e.g., online) because the financialinstitution often cannot verify an identity of the payers and payees.Consequently, financial institutions cannot really fulfill their legalobligation of enforcing anti-money laundering and anti-terroristfinancing measures in these transactions.

To comply with anti-money laundering and anti-terrorist financingrequirements, in one aspect of the present disclosure, the computersystem may screens all members (i.e., the consumers, merchants,financial institutions, etc.) against the regulatory lists to ensurethat the AFTS computer system can conduct transactions with theseparties in compliance with applicable regulations and laws. The computersystem of AFTS may conduct transactional monitoring to detect suspiciousactivities in compliance with applicable regulations and laws.

In yet another aspect of the present disclosure, a consumer providesinformation about a financial account under the consumer's name. Thefinancial account information can be encrypted so that the accountinformation remains secure. The AFTS computer system can conduct atransaction with the consumer's financial account and request theconsumer to report the amount and/or the type of transaction. If theconsumer cannot correctly report the requested information, the consumermay be a fraudster because he/she cannot tell what is going on inhis/her own financial account.

To ensure that the personal identification information stored in an AFTSdatabase is up-to-date, in one aspect of the present disclosure, aconsumer updates his/her personal identification information in the AFTSdatabase whenever there is a change of information. For example, when aconsumer moves to another state, his/her driver's license and addressmay be changed, and the consumer may update the personal identificationinformation stored inside the AFTS database.

In one aspect of the present disclosure, based on geolocation data of apersonal communication device of a consumer provided to the AFTScomputer system, the AFTS computer system can detect a possible addresschange if the locations of a consumer's transactions have substantiallychanged to a new area. Upon the detection of a possible address change,the AFTS computer system can send a message to the consumer and requestthe consumer to update his/her personal identification information. Inthis configuration, the AFTS computer system uses a consumer providedcontact phone number and/or email address for contact purposes.

In one aspect of the present disclosure, a consumer inputs a list ofquestions and answers into the AFTS database. The list of questions andanswers may be designed by the consumer and may relate to uniqueinformation known only by the consumer. For example, a question may be“What is the name of my favorite teacher?” The answer to this questionshould be similarly unique. Because the questions are designed by theconsumer, the chance for a fraudster to know the answers is unlikely. Asdescribed herein, these questions are referred to as “challengequestions.”

In another aspect of the present disclosure, the challenge question maybe “What is the key code?” In response, a consumer is instructed toinput a key code into the device interface of the AFTS computer system.The key code may be an alphanumeric combination designed by theconsumer, substantially like a password. The chance of another personknowing or correctly guessing the key code is low.

To further strengthen the consumer protection, in yet another aspect ofthe present disclosure, the AFTS uses each key code only once during apre-defined time period. The consumer may update the key codeperiodically. Alternatively, the consumer can store multiple key codesat one time to avoid the burden of having to frequently update the keycodes.

In one aspect of the present disclosure, the consumer uploads his/herrecent photo into the AFTS computer system. Because a person's face isexposed to the public every day and many online social networks may havealready posted a photo of the person on the Internet, the photo of aconsumer is generally not considered “private information.” This photocan be used to enhance the security of the AFTS computer system.

Once an account is opened, an account of a consumer can be identified bya set of alphanumerical data (“Account Avatar”), which is selected froma portion of the personal information of the consumer, but cannot beused to recover the personal information of the consumer. For example, aconsumer can be identified by a combination of the zip code of theaddress shown on the consumer's identification document, the year ofbirth, the last four digits of the ID number, the first two letters ofthe first name, the first two letters of the last name shown on the ID,the country/state of issuance of the ID, the expiration date of the ID,or other portions of like personal information. Because only a fewletters and numbers of the consumer's personal information are used, thetrue identity of the consumer is not disclosed. Furthermore, there is noway to recover the personal information of the consumer from or throughthese pieces of data.

Although only a few letters and numbers of the consumer's personalinformation are used, the probability of a mismatch when two personshave the same set of partial data can be substantially reduced to zeroif a sufficient amount of partial data is used. In the current example,the probability of a mismatch is in the magnitude of about 1 out of10²². The number 10²² is derived from the approximation of 10⁵ (5 digitzip code)×10² (year of birth based on two digits of a 100-year lifespan)×10⁴ (4 digits of ID number)×26² (2 letters of first name)×26² (2letters of last name)×200 (estimated number of participatingcountries)×365×4 (a 4-year effective period for the ID). As a result, apayer's account can be securely identified by the payer's accountavatar. A payee's account can also be identified by the payee's accountavatar.

Even in the extremely unlikely event that two consumers have the sameset of partial data, such confusion can be easily resolved by othermethods. For example, the AFTS computer system can assign an additionalalphanumerical data string with a very short length (e.g., six digits)to distinguish among persons that have the same set of partial personalidentification information.

Because there are about 7 billion persons on earth (i.e., 7×10⁹), thetotal number of persons who may have the same set of partial personaldata is a very small number if a sufficient amount of partial personaldata is used to distinguish them. As a result, a few digits and/orletters are more than sufficient to identify the entire population onEarth when a set of partial personal data is also used foridentification purposes. In fact, it is possible that even 2 or 3 digitsare sufficient.

Because only a few letters or digits are assigned by the AFTS computersystem, a consumer can remember this short data string of a few digitsand/or letters because the consumer should know his/her own personalinformation.

As described herein, this short data string is referred to as accountidentification number (AIN). In one aspect of the present disclosure, anAccount Avatar of the AFTS computer system, which replaces the effect ofa traditional account number, is expanded to include both the AIN and aset of personal data. For example, a possible Account Avatar of the AFTScomputer system can be composed of the 5-digit zip code of the consumer,the last 4 digits of the consumer's phone number, and a 6-digit AIN. Ingeneral, a consumer remembers his/her zip code and phone number. As aresult, a consumer only remembers his/her short AIN when using anAccount Avatar.

In one aspect of the present disclosure, the AIN is assigned by the AFTScomputer system. To further reduce consumer memorization of numbers, inanother aspect of the present disclosure, a consumer can suggest his/herown preferred AIN. The AFTS computer system approves the particular AINif no other person in the AFTS database, whose set of partial personaldata is identical to the consumer's, has used the suggested AIN.

If a zip code is not used in a particular country or area, a possibleaccount number of the AFTS computer system can be composed of, forexample, the last 5 digits of the official identification documentnumber of the consumer, the last 4 digits of the consumer's primaryphone number, and a 6-digit AIN assigned by the AFTS computer system. Infact, many other different pieces of partial personal information can beused to achieve the same goal of identifying an account. Although we usedigits in the above example, an AIN can be an alphanumerical number, adata string or other like information.

Because only partial personal information is used, the identity of theconsumer cannot be recovered from an Account Avatar. Consequently, theprivacy of the consumer is fully protected.

In an alternative aspect of the present disclosure, if privacy is not aconcern, the personal phone number of a person and the country code andthe area code of the person can uniquely identify the person.

The above approach of using an Account Avatar to identify an account canalso be used by an automatic checkout stand, an ATM terminal, a kiosk,or other types of device interfaces.

In the event that a consumer cannot remember this short AIN of a fewdigits and/or letters, in one aspect of the present disclosure, aconsumer can use his/her identification document to conduct financialtransactions. The information on the identification document can beentered by the consumer, the merchant, or the financial institution.“Official” identification documents are effective for fraud preventionbecause official identification documents are protected by therespective government organizations that issued the respective officialidentification document.

In another aspect of the present disclosure, a device interface, such asa terminal, reads the information embedded within or on theidentification document. As a result, a consumer can pay for goods orservices with his/her identification document at an automatic checkoutstand.

Another aspect of the present disclosure eliminates resending of all theinformation of the identification document to the AFTS computer system.To protect the consumer's personal information, which can be stolenduring the data transmission, letters and numbers of the personalinformation can be used for identification purposes. For example, the5-digit zip code, the last 6 digits of the identification documentnumber, and the initial of the last name can be used for identificationpurposes. In this example, the chance of a mismatch is one out of 2.6trillion (i.e., 26×10⁵×10⁶).

In another aspect of the present disclosure, a personal identificationnumber (PIN) is used for the dual purposes of (1) eliminating the chanceof mismatch and (2) enhancing security. In one configuration, the PIN isassigned by the AFTS computer system. In another configuration, the PINis suggested by the consumer and becomes effective after the approval bythe AFTS computer system.

In yet another configuration, a PIN is composed of some digits suggestedby the consumer and some digits assigned by the AFTS computer system. Inan alternative configuration, an AIN or a part of the AIN is used as thePIN. In yet another alternative configuration, a PIN or a part of thePIN is used as the AIN.

If privacy is not a concern, in one aspect of the present disclosure,the entire identification document number is used for accountidentification purposes to reduce the probability of mismatches. Becausethere are many different countries, states and governments that issueidentification documents (e.g., driver licenses, passports, etc.), anidentification document number may not be unique. Under suchcircumstances, a PIN and/or AIN can eliminate the confusion. In anotheraspect of the present disclosure, the identification document number,the zip code, the PIN and/or AIN are jointly used to perform the accountidentification. The above approach of using an Account Avatar toidentify an account can also be used by an automatic checkout stand, anATM terminal, a kiosk, or other types of device interfaces.

After the consumer has opened an account with the AFTS computer system,if a fraudster tries to use the consumer's stolen identity to conduct afinancial transaction at a bank, in one aspect of the presentdisclosure, a teller can enter into the AFTS computer system an AccountAvatar of the consumer. The AFTS computer system can search its databaseto find and display the photo of the consumer.

If the teller cannot distinguish the fraudster based on the photo of theconsumer, in another aspect of the present disclosure, the teller canask a challenge question or request a key code designed by the consumer.If the person cannot answer the challenge question or give the key codecorrectly, this person is possibly a fraudster.

In another aspect of the present disclosure, the teller can request theperson to provide an additional piece of partial personal information.The AFTS computer system can compare the additional piece of informationof the person with the consumer's information stored in the AFTSdatabase to determine whether the person is the consumer.

In yet another aspect of the present disclosure, authorized personnel ofa financial institution can call the consumer's phone number, which wasprovided by the consumer and stored in the AFTS database, to verifywhether the consumer is the same person conducting the transactions atthe financial institution. In an alternative aspect of the presentdisclosure, authorized personnel of a financial institution can send anemail to the consumer to verify whether the consumer has requested thefinancial institution to conduct a particular transaction.

In one aspect of the present disclosure, the teller can inform the AFTScomputer system if the teller rejects the transaction. In response, theAFTS computer system can send an alert message to the consumer so thatthe consumer is alerted of possible fraud against the consumer.Similarly, if a fraudster tries to use the consumer's identity topurchase goods or services at a merchant after stealing the consumer'sidentity, in other aspects of the present disclosure, the photo of theconsumer, the challenge questions, the key codes, and/or the additionalpartial information are used to detect the fraudster.

In another aspect of the present disclosure, the merchant informs theAFTS computer system if the merchant rejects the transaction. Inresponse, the AFTS computer system can send a message to the consumer sothat the consumer is alerted that fraud is possibly being committedagainst the consumer.

If a fraudster tries to use the consumer's identity to purchase goods orservices online, in another aspect of the present disclosure, thechallenge questions, the key codes and/or the additional partialpersonal information can be used by merchants to detect the fraudster.

In yet another aspect of the present disclosure, if the AFTS computersystem rejects the online transaction because an answer to a challengequestion is wrong, the AFTS computer system can also send an alertmessage to the consumer so that the consumer is alerted of possiblefraud being committed against the consumer.

In one aspect of the present disclosure, the AFTS computer system alertsa consumer's financial institution after identifying possible identitytheft and/or fraud being committed against the consumer so that thefinancial institution can act to protect the consumer and the financialinstitution.

In another aspect of the present disclosure, the AFTS computer systemuses the alert provided by the AFTS computer system to implementadditional steps to protect the consumer, the financial institution, andpossibly other clients of the financial institution. The alerts producedby the AFTS computer may be considered as risk factors associated withfinancial crimes. An additional software system can be established inthe financial institution to prevent financial crimes based on thedisclosure of the co-pending application entitled “TransactionalMonitoring System,” the disclosure of which is expressly incorporated byreference in its entirety. As a result, in one configuration the AFTScomputer system enables consumers, financial institutions, and merchantsto jointly detect and prevent fraud in financial transactions.

To further automate the financial crime prevention process, in oneaspect of the present disclosure, the transactional networks of thefinancial institutions (e.g., credit card network, debit card network,trading network, insurance network, etc.) are linked to the AFTScomputer system. Linking to the AFTS computer system, in thisconfiguration, enables the use of a consumer's photo, challengequestions, key codes, and/or additional information by consumers,merchants or financial institutions when they conduct transactionsthrough these transactional networks.

In another aspect of the present disclosure, the AFTS computer system isintegrated into existing networks for credit cards, debit cards, storedvalue cards, ATM cards, gift cards, prepaid cards, ACH, bank accounts,wire transfers, and the like.

Because each user of the AFTS registers with the AFTS computer systemand uses the AFTS services based on a unique identity, the AFTS canconduct financial transactions for the user. There are many ways totransfer funds electronically between an entity's (e.g., payer's orpayee's) account in a financial institution and the entity's account inthe AFTS computer system. For example, an Automatic Clearing House(“ACH”) transaction can be used to complete an electronic fund transferat a very low cost today.

In another aspect of the present disclosure, debit card networks, creditcard networks, ATMs or other real time and/or non-real time networks areused to transfer funds electronically between an entity's account in afinancial institution and the entity's account in the AFTS computersystem. Alternatively, an AFTS account can be financed by other likefinancial instruments and credits issued by the AFTS computer system.

Many financial institutions issue their own financial instruments. Thesefinancial instruments, however, may not be universally accepted by allconsumers, organizations, or merchants worldwide. For example, the Bankof China issues its own credit cards carrying its own brand name inChina. These credit cards are generally accepted in China, but not inmany other countries, such as the USA. Therefore, the credit cardsissued by the Bank of China cannot be used when the cardholders travelin the USA. This situation applies to many financial instruments issuedby many organizations in many countries.

Even in the same region, different consumers, organizations, merchants,etc. may accept different financial instruments. Because many differentnetworks, (e.g., Visa, Master Cad, Amex, etc.) are used in the financialindustry and each network has its own terms and conditions, mostconsumers, organizations, merchants, and the like only use a limitednumber of financial instruments and do not accept others. For example,some stores only accept Visa cards but not American Express cards. As aresult, a black cardholder of American Express (the highest status ofAmerican Express clients) may not be able to pay his bill after eating alunch because the restaurant does not accept American Express cards.

The AFTS computer system connects to all these different financialnetworks and permits its users to transfer funds between their AFTSaccounts and their financial accounts residing on different networks.Because all transactions conducted by the AFTS computer system are basedon the AFTS accounts, payees of the AFTS computer system willautomatically accept all financial instruments used by payers. Forexample, if a payer uses an American Express card to finance his AFTSaccount, a payee receives funds through its AFTS account without knowingwhere the AFTS computer system obtains funds from the payer.

In one aspect of the present disclosure, the AFTS computer system usesAFTS accounts to conduct financial transactions while the fundingsources of a payer's AFTS account is transparent to the payee. As aresult, a payer can travel worldwide without worrying about whether hisfinancial instruments are accepted worldwide. A payee can conductbusiness with all payers without worrying about whether the payers'financial instruments are acceptable. Furthermore, the payer's identityand the payee's identity can be fully protected by the AFTS computersystem. As a result, any consumer, individual, organization, merchant,financial institution, etc. can perform worldwide transfer of funds toanother consumer, individual, organization, merchant, financialinstitution, etc. through the AFTS computer system. The AFTS computersystem, in one configuration, provides a worldwide common platform forconducting all types of commercial activities.

In one aspect of the present disclosure, a consumer logs into the AFTScomputer system through a device interface and opens an account. Theconsumer provides the AFTS computer system with the consumer's personalinformation, including personal identification information, personalcommunication device identification information (e.g., email address,phone number, etc.), personal financial information, etc.

The AFTS computer system processes the personal information submitted bythe consumer and approves the opening of an account for the consumer incompliance with regulations and laws. Once an account is opened, aconsumer can be identified by his Account Avatar, the identificationinformation of the consumer's personal communication device (e.g., emailaddress, phone number, etc.), in addition to the account number of theconsumer.

Identification information of a personal communication device includes aphone number, an email address, an IP address, a caller ID, a SIM cardnumber, an electronic serial number, a mobile identification number andother types of information that are used to uniquely identify a personalcommunication device. For example, a phone number, which can be used tosend and receive messages, may be used as the “identificationinformation” or “contact information” of a personal communicationdevice. Nevertheless, other types of identification information orcontact information can also be used for similar purposes.

In one aspect of the present disclosure, when a consumer intends toconduct a payment transaction with a merchant and initiates anapplication on his personal communication device, the personalcommunication device of the consumer sends the following information tothe AFTS computer system: (1) the geolocation information of thepersonal communication device and (2) the identification information ofthe personal communication device, such as a caller ID (i.e., phonenumber). Based on the identification information of the personalcommunication device of the consumer, the AFTS computer system canidentify the consumer's AFTS account because the identificationinformation of a personal communication device is generally uniqueworldwide.

In one aspect of the present disclosure, the AFTS computer systemrandomly generates a passcode, (e.g., a short number of only 4 digits)that is much shorter than an account number, and sends the passcode tothe personal communication device of the consumer. The AFTS computersystem also records (1) the passcode, and (2) the geolocationinformation of the personal communication device of the consumer at thattime, and associates such information with the AFTS account of theconsumer. When the consumer purchases goods or services, in one aspectof the present disclosure, the consumer provides a passcode to themerchant. Because this passcode is very short and can be easilycommunicated verbally between the consumer and the merchant withoutconfusion, it is not necessary to use scanner to scan the passcode.

In one aspect of the present disclosure, the merchant enters thepasscode, which is provided by the consumer, into a device interface ofthe AFTS computer system. The AFTS computer system uses this passcode toidentify all the consumers that have received this passcode andpreviously sent their geolocations to the AFTS computer system fromtheir respective personal communication devices. If the geolocation ofthe merchant is within a pre-defined distance of the geolocation of aparticular consumer (e.g., within 2 miles), the computer system of AFTSapproves the transaction between the merchant and this particularconsumer.

If the geolocation of the merchant is not within a pre-defined distanceof the geolocation of any consumer (e.g., greater than 2 miles), theAFTS computer system rejects the transaction. This transaction isrejected because it may have been attempted by a fraudster. For apoint-of-sale transaction, the consumer should be close to the merchant.A pre-defined distance of two miles is used in this example becauseshopping centers are usually smaller than a circle with a two-mileradius. Sometimes, the communication signals may be weak inside ashopping center. It is likely that a consumer may receive the passcodeat one location where the communication signals are strong, but completethe transaction at another location where the signals are weak.Nevertheless, it is unlikely that a consumer will walk over two miles tocomplete a transaction after requesting a passcode from the AFTScomputer system.

In one aspect of the present disclosure, the AFTS computer system sendsa message to the consumer, informing the consumer of the rejection. TheAFTS computer system may also inform the merchant of the rejection.Therefore, if a fraudster steals a passcode, the passcode is unusableunless the fraudster is within a short distance of the merchant.

In one aspect of the present disclosure, a personal communication deviceof a consumer provides a list of stores that are near the consumer basedon, for example, the geolocation of the consumer's personalcommunication device. The consumer selects a store when the consumerintends to conduct a payment transaction with the store. The personalcommunication device of the consumer sends the following information tothe AFTS computer system: (1) the store selected by the consumer and (2)the identification information of the personal communication device,such as a caller ID (i.e., phone number). Based on the identificationinformation of the personal communication device of the consumer, theAFTS computer system can identify the consumer's AFTS account.

In one aspect of the present disclosure, the AFTS computer systemrandomly generates a passcode and sends the passcode to the personalcommunication device of the consumer. The AFTS computer system storesinto a database (1) the passcode, (2) the consumer's AFTS account, and(3) the AFTS account of the store selected by the consumer. When theconsumer intends to purchase goods or services, in this configuration,the consumer provides the passcode to the store. Because this passcodeis very short and easily verbally communicated between the consumer andthe store, it is unnecessary to scan the passcode.

In one aspect of the present disclosure, the store enters the passcode,which is provided by the consumer, into a device interface of the AFTScomputer system. The AFTS computer system uses this passcode and thestore's AFTS account to identify the consumer's AFTS account. If (1) thestore's AFTS account information, (2) the passcode, and (3) theconsumer's AFTS account information are consistent with the recordsstored in the database, the AFTS computer system approves thetransaction. Otherwise, the AFTS computer system rejects thetransaction.

In one aspect of the present disclosure, the AFTS computer system sendsa message to the consumer, informing the consumer of the approval of thetransaction by the AFTS computer system. In another aspect of thepresent disclosure, the transactional details (e.g., dollar figure,time, location, account balance, etc.) are also sent to the consumer. Inanother aspect of the present disclosure, as an extra protection, theconsumer also needs to approve the transaction after receiving thetransactional details for the transaction to be completed. The consumermay enter a key code or personal identification number (PIN) to approveand complete the transaction. In one aspect of the present disclosure,the AFTS computer system informs the merchant of the completion of thetransaction. In addition, the transactional details (e.g., dollarfigure, time, location, account balance, etc.) may be sent to themerchant.

In one aspect of the present disclosure, to further protect thepasscode, the communications between the AFTS computer system and thepersonal communication device of the consumer are encrypted so that afraudster cannot steal a passcode during data transmission. In anotheraspect of the present disclosure, a password is used to protect thepersonal communication device so that a fraudster cannot obtain thepasscode even if the fraudster steals the personal communication devicefrom the consumer.

Because fraud may be involved when the AFTS computer system rejects atransaction, in one aspect of the present disclosure, the AFTS computersystem initiates a case for further investigation by fraud investigatorsof the AFTS. An alert can also be sent to financial institutions ofconsumers to further prevent financial crimes.

Because the passcode is randomly generated by the AFTS computer system,there is a possibility that an identical passcode is sent to both theconsumer and another person that also intends to conduct a transactionwith the same store. Under such circumstances, when the consumer wantsto purchase goods or services, the AFTS computer system finds that twoAFTS account holders have received the same passcode and may conducttransactions with the same store. As described herein, we will refer tothis situation as a “duplicate passcode.”

In one aspect of the present disclosure, identifying the person that isstanding in front of the checkout stand is performed as follows. First,the device interface of the AFTS computer prompts the merchant to askthe consumer to provide an additional piece of information about theconsumer and the additional piece of information is entered by eitherthe merchant or the consumer into a device interface of the AFTScomputer system. For example, this additional piece of information canbe the first 2 letters of the last name of the consumer, the last 4digits of the consumer's mobile phone number, the zip code of theconsumer's mailing address, or other like additional information.Second, the AFTS computer system uses the additional piece ofinformation to identify the consumer's AFTS account. The AFTS computersystem approves the transaction conducted between the consumer and themerchant when the consumer's AFTS account is identified.

In an alternative aspect of the present disclosure, the device interfaceof the AFTS computer system lists at least partial personalidentification information (e.g., partial last name, partial phonenumber, etc.) of both the consumer and the other person when anidentical passcode is sent to both the consumer and another person thatalso intends to conduct a transaction with the same store. In thisconfiguration, the AFTS computer system prompts the merchant to choosethe correct person. The merchant can ask questions to the consumer andthe other person and choose the correct person accordingly.

In another aspect of the present disclosure, the AFTS computer systemcan send a new but different passcode to replace the duplicate passcode.As a result of this replacement, the above two persons now have twodifferent passcodes. In yet another aspect of the present disclosure,the AFTS computer system displays photos of both the consumer and theother person and prompts the merchant to choose the correct person. Themerchant can then choose the correct person accordingly. In one aspectof the present disclosure, to further reduce the chance that multiplepersons have received the same passcode and may conduct transactionswith the same store, each passcode is given a pre-determined shortlifetime (e.g., 3 minutes). A passcode is disabled after it expires.Because the chance of two persons receiving the same passcode, andpurchasing goods and services from the same merchant or two nearbymerchants within a short period of time (e.g., 3 minutes) is very low,shortening the lifetime of each passcode is an effective approach toavoid a duplicate passcode. In another aspect of the present disclosure,the pre-defined acceptable “short distance” between the consumer and themerchant is shortened to avoid a duplicate passcode. For example, thechance of two persons receiving the same passcode within 100 feet of amerchant is much less than the chance of two persons receiving the samepasscode with 5 miles of the merchant. In an alternative aspect of thepresent disclosure, the length of the passcode is increased to reducethe chance of a duplicate passcode. In practice, the lifetime of thepasscode, the length of the passcode, the random nature of passcodegeneration, and the acceptable short distance between the consumer andthe merchant can be established based on a risk policy of the AFTScomputer system.

The above approach of using geolocation information and theidentification information of a personal communication device toidentify an account can also be used by an automatic checkout stand, anATM terminal, a kiosk, or other types of device interfaces. In oneaspect of the present disclosure, a consumer enters the passcode into anautomatic checkout stand or other types of device interfaces. In anotheraspect of the present disclosure, a device interface, such as aterminal, can directly read a passcode from the consumer's personalcommunication device. As a result, a consumer can pay for goods orservices with his/her passcode at an automatic checkout stand or othertypes of device interfaces. In an alternative aspect of the presentdisclosure, the passcode is transformed into a graphical pattern (e.g.,a one-dimensional or two-dimensional bar code) and displayed on thepersonal communication device for easy scanning by optical devices. Thepasscode can also be transformed into acoustic, electronic, optical,electro-magnetic or magnetic signals (collectively referred to as a“communication signal”) so that the passcode is easily read by a deviceinterface. As a result, a consumer can pay for goods or services withhis/her passcode almost everywhere.

For illustration purposes, payment transactions are often used asexamples in the present disclosure. The present disclosure, however, canbe applied to other types of financial transactions in addition topayment transactions.

To facilitate anti-fraud payment transactions for a consumer, in oneaspect of the present disclosure, the AFTS computer system receivesgeolocation information from a payer's personal communication device.The AFTS sends a passcode to payer's personal communication device. Thepayer provides the passcode to a payee. The payee can then enter thepasscode into the device interface that accesses the AFTS computersystem over network.

Alternatively, the passcode can be transmitted from the payer's personalcommunication device through a communication signal to the payee'sdevice interface. Also, the payer can simply enter the passcode into thepayee's device interface for a point of sale transaction, or enter thepasscode into payee's device interface for an online transaction or atransaction at an automatic checkout stand. In addition, the payeeand/or payer can enter a dollar amount the payer is supposed to pay. Ifthe geolocation data associated with the passcode and the geolocation ofthe payee are within a pre-defined acceptable short distance and thereis a sufficient amount of money (including credits) in the payer's AFTSaccount to cover the payment amount, the AFTS computer system transfersthe money from the payer's AFTS account to the payee's AFTS account tocomplete the payment transaction.

In one aspect of the present disclosure, after receiving the passcodeand dollar amount from a payee and verifying that a pre-definedacceptable anti-fraud condition is satisfied, the AFTS computer systemfreezes the amount of money in the payer's AFTS account and sends amessage to the payer to confirm that this amount is being debited fromthe payer's AFTS account. The dollar amount, and/or the payee's name maybe sent to the payer through payer's personal communication device orother communication channels.

After reviewing the transactional details and the payee's name, in oneaspect of the present disclosure, the payer approves the transaction bysending a message from the payer's personal communication device to theAFTS computer system. The AFTS computer can then transfer the frozenamount of money from the payer's AFTS account to the payee's AFTSaccount to complete the payment transaction.

In one aspect of the present disclosure, the confirmation sent to theAFTS computer system from the payer's personal communication device alsocontains a PIN only known by the payer. The confirmation sent by payershould occur within a fixed amount of time. If the confirmation by payeris not received within that fixed amount of time, the transaction can beautomatically canceled and the frozen amount of money in the payer'sAFTS account is released back to the payer.

In one aspect of the present disclosure, if the dollar amount of asingle transaction exceeds a threshold set by the consumer, theconsumer's AFTS account is frozen until the consumer resets the account.Alternatively, if the aggregate amount of transactions of a consumer'sAFTS account during a pre-defined period of time exceeds a threshold setby the consumer, the consumer's AFTS account can be frozen. This frozenaccount can be reset by the consumer. Similarly, if the total number oftransactions in a consumer's AFTS account during a pre-defined period oftime exceeds the threshold set by the consumer, the consumer's AFTSaccount can be frozen. The consumer can reset or unfreeze the account.The consumer can log into the AFTS computer system to reset theconsumer's AFTS account. Alternatively, a counter party (or payee)and/or consumer can enter an authorization code that is only known tothe consumer to reset the account.

Because the passcode is newly generated by the AFTS computer system ineach transaction, the counter party to the transaction does not knowwhat the passcode is in each transaction and cannot steal money from theconsumer. Because the passcode is sent only to the consumer, a thirdparty is prevented from stealing money from the consumer because thethird party does not receive the passcode to complete the transaction.Furthermore, the geolocation verification and/or store selectioninformation ensures that the consumer is the correct AFTS accountholder. Consequently, the AFTS is useful for various financialtransactions, including point-of-sale transactions in which two partiesmeet face-to-face, as well as online transactions and remotetransactions in which the counter parties (or payees) cannot verify theconsumer's (or payer's) identity.

In one aspect of the present disclosure, when a payer places an order onthe Internet, the payer sends identification information of a merchantto the AFTS computer system and receives a passcode from the AFTScomputer system. The passcode information is stored by the AFTS computersystem, associated with the merchant's AFTS account and the consumer'sAFTS account. The payer can enter the passcode received from the AFTScomputer system into the device interface of the Internet merchant. Thispasscode is resent by the Internet merchant to the AFTS computer system.If the passcode is correct and matches the records of both themerchant's AFTS account and the consumer's AFTS account, the AFTScomputer system approves the transaction.

Alternatively, the AFTS computer system sends a message to the payerrequesting approval of the transaction. Then, the payer can send amessage to the AFTS computer system to approve the transaction. The AFTScomputer system receives the approval message from the payer andtransfers the payment from the payer's AFTS account to the payee's AFTSaccount to complete the transaction.

In one aspect of the present disclosure, an additional piece of partialinformation of the payer (e.g., home zip code of the payer) is used inthe transaction to further strengthen the security of the transaction.The geolocation of the payer can be used to further strengthen thesecurity of the transaction. For example, if the geolocation of thepayer is near the geolocation of the AFTS account holder's home address,the chance for fraud is reduced.

In an alternative aspect of the present disclosure, after receiving thepasscode, a payer sends an electronic message to the AFTS computersystem to approve a particular transaction based on the particularpasscode associated with the transaction. As a result, the payer cansecurely complete the online transaction without releasing any personalidentification information. Eliminating the release of personalidentification information suppresses the possibility of fraud, andprotects both the payer and the payee.

In another aspect of the present disclosure, a payer orders goods orservices remotely through a phone call. The payer's personalcommunication device sends the AFTS computer system the identificationinformation of the payee (e.g., a merchant code provided by the merchant(i.e. payee)). In response to receiving this information, the AFTScomputer system sends the payer a passcode that the payer then gives tothe payee. After the payee enters the payer's passcode into a deviceinterface of the AFTS, the AFTS computer system approves the transactionif the passcode is correct and matches the records of both themerchant's AFTS account and the consumer's AFTS account. A partial datastring of the payer's personal information can also be provided to thepayee to further enhance the security. For example, if the payer'spartial personal information provided to the payee does not match therecord inside the AFTS computer system, the AFTS computer system canreject the transaction because of possible fraud.

Alternatively, the AFTS system sends a message to the payer requestingapproval of the transaction. The payer sends an approval message to theAFTS computer system to complete the transaction. In one aspect of thepresent disclosure, an approval specifies that the geolocation of thepayer's personal communication device and the home zip code of the payerare within a pre-defined acceptable short distance. As a result of thepresent disclosure, the payee can complete the transaction withoutknowing the payer's identity, and both parties are fully protected inthe transaction.

In another aspect of the present disclosure, a payer can complete thepayment transaction by himself at an automatic checkout stand. Thepayer's personal communication device sends the payee's identificationinformation to the AFTS computer system from the payer's personalcommunication device. In response to receiving this information, theAFTS computer system sends the payer a passcode that the payer entersinto the automatic checkout stand. The passcode information is storedand associated with the payee's AFTS account and the payer's AFTSaccount. Alternatively, the passcode can be transmitted by acommunication signal from the payer's personal communication device tothe checkout stand. The checkout stand sends the passcode to the AFTScomputer system. The AFTS computer system approves the transaction ifthe passcode is correct and matches the records of both the payee's AFTSaccount and the payer's AFTS account. A PIN or a piece of partialpersonal information of the payer can also be used to strength thesecurity.

Alternatively, in one aspect of the present disclosure, after receivingthe passcode, the AFTS computer system requests the payer to approve thetransaction, for example, by sending a message to the payer's personalcommunication device. The payer can send an approval message to the AFTScomputer system to transfer the payment from the payer's AFTS account tothe payee's AFTS account to complete the transaction. In an alternativeaspect of the present disclosure, after receiving the passcode, thepayer sends a message to the AFTS computer system to approve aparticular transaction based on the particular passcode associated withthat transaction. Both payer and payee are fully protected against fraudin this transaction and the payer's identity is not disclosed.Similarly, the present disclosure can be used at an ATM, kiosk, or othertypes of device interfaces.

The system of the present disclosure can potentially replace traditionalpayment instruments and, at the same time, provide improved protectionfor consumers, individuals, organizations, merchants, financialinstitutions, etc. Furthermore, consumers are freed from carryingtraditional financial instruments. Moreover, the present disclosure canquickly and securely transfer money to any place with access to the AFTScomputer system. As a result, the AFTS can become a Global PaymentNetwork. As an additional convenience to the consumer, in one aspect ofthe present disclosure, a consumer can go shopping without carrying atraditional financial instrument. This option is very useful forprotecting young children whose parents do not feel comfortable lettingtheir children carry cash or pre-paid cards for safety reasons.

In fact, a consumer can easily conduct any payment as long as he/shecarries a personal communication device. As a result, in the event thata consumer forgets his/her wallet, he/she can still pay the merchantthrough his/her AFTS account. If the consumer also forgets to carry apersonal communication device, he/she can still use the merchant'scomputer to log into the AFTS computer system to directly transfer fundsfrom the consumer's AFTS account to the merchant's AFTS account.

The financial transactions referred to in the present disclosure are notlimited to payment transactions. The same system and method can be usedfor other types of financial instructions. For example, in one aspect ofthe present disclosure, a consumer (e.g., a stock trader) can give astockbroker (i.e., the counter party) a passcode, or send the passcodethrough a communication signal from the stock trader's personalcommunication device. The AFTS computer system uses the passcode and thegeolocation of the personal communication device of the stock trader toidentify the account of the stock trader, verify the identity of thestock trader, and approves a face-to-face transaction.

In another aspect of the present disclosure, if the transaction isconducted online, the AFTS computer system uses the passcode, zip code(or other identification information), and the geolocation of thepersonal communication device to identify the account of the stocktrader, verify the identity of the stock trader, and approve the onlinetransaction. Alternatively, the stock trader can enter the passcode intostockbroker's device interface for a point of sale transaction, or anonline transaction. In one aspect of the present disclosure, thetransaction details and/or the stockbroker's name are sent to the stocktrader through a personal communication device or other communicationchannels. After reviewing the transactional details and thestockbroker's name, the stock trader can send a message through hispersonal communication device or other means to the AFTS computer systemto complete the transaction. In addition to stock trading transactions,other financial transactions can be conducted in a similar mannerthrough the AFTS computer system.

For example, the present disclosure also replaces traditionalpaper-based financial instruments by storing them in electronic formatassociated with the AFTS accounts. As described herein, an electronicfinancial instrument or other like financial account identification hasthe same value and effect as the traditional financial instrument,except that it is stored in electronic format. In one aspect of thepresent disclosure, an electronic financial instrument is electronicallytransferred from one AFTS account to another AFTS account. The transferof an electronic financial instrument can be accomplished by changingthe electronic record regarding ownership because no physical financialinstrument is transferred.

For example, in one aspect of the present disclosure, a consumer gives acounter party (e.g., merchant) the consumer's Account Avatar of his AFTSaccount and/or the consumer's identification document. Alternatively, acommunication signal to identify the consumer's AFTS account can be sentfrom the consumer's personal communication device. The counter party canthen input the Account Avatar and/or the identification documentinformation into a device interface of the AFTS computer system, orreceive the communication signal through a device interface of the AFTScomputer system. In one aspect of the present disclosure, the AFTScomputer system sends a passcode to the personal communication device ofthe consumer based on the consumer's AFTS Account Avatar and/or theconsumer identification information.

As explained earlier, in an alternative aspect of the presentdisclosure, the geolocation of the personal communication device and thepasscode are used to identify the account of the consumer without theconsumer providing other account identification information.Alternatively, in one aspect of the present disclosure, a consumer sendsthe identification information of the counter party to the AFTS computersystem through a personal communication device of the consumer. Aconsumer can request the AFTS computer system to send a passcode to thepersonal communication device of the consumer. This passcode isassociated with both the consumer's AFTS account and the counter party'sAFTS account.

In addition, the counter party can conduct a transaction based on anelectronic financial instrument. If the consumer's account meets therequirements for this particular transaction (e.g., correct electronicfinancial instruments are available and/or sufficient funds areavailable), the AFTS computer system can hold the electronic financialinstrument associated with the transaction and issue a new “passcode.”Holding the electronic financial instrument associated with thetransaction ensures that the electronic financial instrument isavailable to complete the transaction.

In one aspect of the present disclosure, the transaction details and/orthe counter party's identification information are sent to the consumerthrough a personal communication device or other communication channels.

After receiving the passcode and reviewing the transactional details andthe counter party's identity, in one aspect of the present disclosure,the consumer gives the passcode to the counter party if the consumerintends to complete the transaction. Then, the counter party can enterthe passcode into the device interface of the AFTS computer system. Ifthe passcode entered by the counter party matches the passcode sent tothe consumer, the AFTS computer system completes the transaction betweenthe consumer and the counter party based on the electronic financialinstrument. In this example, the transaction is the counter party'sacceptance of the electronic financial instrument and/or the amount fromthe consumer. If the passcode entered by the counter party does notmatch the passcode sent to the consumer, the AFTS computer systemrejects the transaction. Under such circumstances, the AFTS computersystem may freeze the consumer's account to protect the consumer.

Alternatively, the consumer can enter the passcode into the counterparty's device interface for an in-person transaction (e.g., at astore). Otherwise, the consumer enters the passcode into the counterparty's device interface for an online transaction (e.g., shopping onthe Internet). In another aspect of the present disclosure, afterreceiving the passcode, a consumer sends a message to the AFTS computersystem to approve the transaction based on the electronic financialinstrument. As a result of the present disclosure, a consumer can easilyuse his/her electronic financial instrument to complete a transactionwith a counter party through the AFTS computer system.

Currency, coupons, tokens, tickets, vouchers, certificates, notes,securities, letters of credit, etc. have been used in paper format formany years. These paper-based financial instruments are difficult tomanage and can be easily counterfeited. For ease of explanation, we willuse coupons, which offer discounts for goods and services, as an exampleof a paper-based financial instrument.

First, a consumer cuts out coupons from newspapers and magazines, orprints them from promotional emails before shopping at a store. Cuttingout or printing coupons one by one involves time and patience. Veryoften, a consumer may forget to bring the correct coupons to the store.After a transaction is conducted based on a coupon, the store clerkkeeps the paper-based coupon for record keeping. For auditing purposes,someone counts these used coupons to verify the accounting records.Therefore, paper-based coupons create a great deal of overhead.

Coupons are published by different entities, such as stores, originalmanufacturers, head offices of franchises, etc. Sometimes stores falselyclaim rebates from the original manufacturers or the head offices offranchises by collecting unused coupons from recycled newspapers ormagazines. This type of fraud is sometimes referred to as “couponfraud.”

Furthermore, a paper-based coupon that is purchased in advance is likecash, but can be counterfeited or stolen more easily than cash. Thus,these paper-based coupons also create risk of fraud and robbery.Moreover, a majority of paper-based coupons are buried inside newspapersand magazines, which end up in trashcans. These coupons are never used.As a result, paper-based coupons also waste natural resources and causeenvironmental damage.

In the present disclosure, the AFTS computer system distributeselectronic coupons for original manufacturers, head offices offranchises, stores and other merchants through a network such as theInternet. A consumer can select the coupons he/she uses through a deviceinterface of the AFTS computer system. The selected coupons are linkedto the consumer's AFTS account. If a coupon specifies advance payment,the consumer can pay through his/her AFTS account. Alternatively, tomake life easier for consumers, applicable coupons are linked to thestores' AFTS accounts and the consumers do not select the coupons. Forexample, when the consumer checks out from a merchant, the AFTS systemobtains the applicable coupons linked to the merchant's AFTS account andapplies them to the transaction.

Distributing coupons for stores and other types of businesses toconsumers through the Internet has been implemented by some vendors fora number of years. The traditional approach permits consumers to printcoupons from a website on the Internet. The challenge is that manyconsumers usually do not like to spend time searching the Internetbefore shopping. After spending 30 minutes to an hour searching theInternet, people may lose interest in shopping. Therefore, permittingconsumers to print paper coupons from a website on the Internet is not apopular method.

Most stores depend on traditional approaches of mailing paper coupons toconsumers. The cost of such coupon distribution is very high and theenvironmental damage is significant. Furthermore, a long process isperformed before launching a coupon marketing campaign because a storeneeds time to design the coupons, prints the coupons, package thecoupons in envelopes, purchase mailing lists, print mailing labels, andmail the coupon packages. It is possible that a store will miss criticalmarket timing after this long preparation process. The postage ofmailing coupons is also very expensive when a large quantity ofrecipients is involved. A store invests a great deal of money and effortup front with no guarantee of a desired result from a coupon marketingcampaign.

Some vendors are in the business of distributing paper coupons forstores. These vendors may insert many coupons from different stores inthe same envelope to lower printing and mailing costs. Newspapercompanies also print and distribute paper coupons together withnewspapers for stores. Under such circumstances, a store still payscoupon distribution vendors for printing and distributing couponswithout any guarantee of a desired outcome. In fact, many couponpackages mailed by coupon distribution vendors to consumers quickly endup in trashcans without being opened.

In the past several years, coupon distribution vendors like Groupon,Living Social, etc. have pushed coupons to consumers by sending emailsto consumers with huge discounts as an attraction. First, these coupondistribution vendors negotiate with stores based on volume to obtainvery good discounts for goods or services. These coupons are basicallyspecial prices because of group discounts. To guarantee large quantitiesto stores, coupon distribution vendors specify that the consumerspurchase these coupons in advance and use these coupons before theyexpire.

There are many complaints from both consumers and stores about this typeof coupon distribution method. For consumers, one of the main reasonsfor complaints is that consumers need to purchase the coupons inadvance. In reality, after purchasing the coupons, some consumers maychange their minds and do not need the purchased coupons any more. Someconsumers may not have a chance to use the purchased coupons before thecoupons expire. Under such circumstances, the money spent on the couponsis totally wasted. Use of the purchased coupons before they expire mayalso add unnecessary pressure to the consumer's lives after purchasingsuch coupons. Therefore, consumers generally do not like to purchasecoupons in advance. On the other hand, these coupon distribution vendorscollect money from consumers in advance to make sure that (1) they canreach the quantities they have guaranteed to stores, and (2) they willget paid for their coupon distribution services before consumers changetheir minds.

Stores that issue coupons complain about paying coupon distributionvendors a significant amount of money in advance for distributingcoupons to consumers. Furthermore, managing these coupons is difficultbecause a large quantity of coupons is pushed to consumers within ashort period of time. For example, because a store cannot exactlypredict when the coupons will be redeemed by consumers, the store mayexperience difficulties in managing their inventories. For example,restaurants that sell many coupons within a short period of time, mayfind that consumers redeem their coupons on busy evenings (e.g., onweekends or holidays). As a result, the restaurant is filled with manyguests at discounted prices. Furthermore, prospective clients that arewilling to pay full prices may not find available seating in therestaurant. In fact, many stores end up losing money after issuingcoupons through these types of coupon distribution vendors.

Even for coupon distribution vendors, there is a risk because a storecan close its business without honoring the coupons purchased byconsumers from the coupon distribution vendors. Under suchcircumstances, coupon distribution vendors are obligated to refund themoney back to the consumers that purchased the coupons from the coupondistribution vendors. Obviously, the current methods of coupondistribution have some drawbacks.

One aspect of the present disclosure introduces a new way to distributecoupons and resolve the conventional problems described above. In oneaspect of the present disclosure, the AFTS computer system opens anaccount for a store and permits the store to upload promotionalmaterials, including coupons, in electronic format. Because many mobiledevices can take pictures, uploading photos of promotional items throughthe Internet is very easy today. In this configuration, the AFTScomputer system has a web interface for stores to upload theirpromotional photos. Alternatively, the AFTS computer system may includea personal communication device application for stores to upload theirpromotional photos. The stores can also add descriptions about thephotos for promotional purposes. As a result, the preparation period ofa marketing campaign through the AFTS computer system can be as short asseveral minutes. A marketing campaign can be launched in near real time.

In one aspect of the present disclosure, the store sets a period ofpromotion (e.g., the effective period of the coupons). The store canprovide an instruction to the AFTS computer system to start a promotionin real time. The instruction can be given through the Internet, anapplication on a personal communication device, a phone call, or othercommunication method. Upon receiving the instruction from the store, theAFTS computer system can send coupons and other promotional materials toaccount holders (i.e., members) of the AFTS computer system. The couponsand other promotional materials may be sent to account holders within apre-determined distance from the store based on, for example, thegeolocations of the personal communication devices of these accountholders.

Alternatively, the coupons and promotional materials are available toaccount holders of the AFTS computer system upon their request forinformation. These coupons, other promotional materials and relatedinformation can be displayed on personal communication devices of theaccount holders of the AFTS computer system.

In one aspect of the present disclosure, the AFTS computer systemreceives geolocation information of a personal communication device of aconsumer. The consumer may use his personal communication device toreceive promotional information provided by the AFTS computer system. Asnoted, the promotional information may include coupons and otherpromotional items offered by stores near the consumer based on thegeolocation of the personal communication device of the consumer.

Because the promotional information can be sent to the personalcommunication devices of consumers in real time, stores have bettercontrol of their inventories. Stores can put perishable goods orservices on sale before it is too late. For example, if a restaurant hastoo many empty seats on a particular night at 7:00 μm, the restaurantcan immediately send promotional information such as an electroniccoupon through the AFTS computer system to attract consumers to therestaurant before 9:00 pm by ending this special promotion at 9:00 pm.As a result, one aspect of the present disclosure helps stores bettermanage their inventories. To avoid arguments regarding transactionsconducted around the expiration time, in one aspect of the presentdisclosure, the AFTS computer system has an agreement with the store toallow a grace period (e.g., 30 minutes) in which the coupons are stilleffective after the expiration time defined by the store.

For example, a consumer may feel hungry at 7:30 pm. He opens anapplication on his personal communication device and a list of foodoptions with special promotions near his location is displayed on hispersonal communication device. In one aspect of the present disclosure,the location of the consumer can be determined by the geolocation of thepersonal communication device of the consumer. The location of theconsumer can also be determined by information provided by the consumer.

In one aspect of the present disclosure, the consumer selects a storefrom a list of nearby stores and their promotions displayed on apersonal communication device based on the geolocation of the personalcommunication device. The store identification information of theselected store may be sent to the AFTS computer system from the personalcommunication device of the consumer. The route direction from thegeolocation of the personal communication device of the consumer to thestore location may be displayed on the personal communication device ofthe consumer.

In one aspect of the present disclosure, the AFTS computer systemidentifies the consumer's AFTS account based on the identificationinformation (e.g., caller ID, etc.) of the personal communication deviceof the consumer. The AFTS computer system can then send a passcode tothe personal communication device of the consumer. The passcode may berandomly generated. In one aspect of the present disclosure, thepasscode has a pre-defined lifetime. The passcode may be very short(e.g., 4 digits) so that the consumer can easily provide the passcode toa store through verbal communication, or an automatic checkout stand,without any confusion. As an option, the length of the passcode may beextended to reduce the chance of potential fraud.

In one aspect of the present disclosure, the passcode is displayed in agraphical format (e.g., 1 or 2 dimensional bar code) on the personalcommunication device of the consumer so that the store can read itthrough a scanner. The AFTS computer system may link the passcode andthe consumer's AFTS account with the AFTS account of the store selectedby the consumer. The AFTS computer system may store this information ina database.

Either the store or the consumer may select a coupon or otherpromotional item issued by the store. Multiple coupons or otherpromotional items can also be selected at the same time. This selectionprocess can be accomplished through a device interface of the AFTScomputer system inside the store and/or the personal communicationdevice of the consumer. The information of the selected coupons or otherpromotional items is sent to the AFTS computer system. Alternatively,applicable coupons or other promotional items are automatically appliedby the AFTS computer system without a selection process.

In one aspect of the present disclosure, the store inputs the originaltotal charge amount without using a coupon or other promotional item.This original total amount is sent to the AFTS computer system. If thecashier terminal of the store is linked to the AFTS computer system, theoriginal total amount can be automatically provided to the AFTS computersystem.

In one aspect of the present disclosure, the AFTS computer systemapplies the selected coupons or other promotional items and derives afinal payment amount, including applicable taxes and duties due from theconsumer. This final payment amount can also be zero, which means freeof charge, or a negative value, which means a rebate is available. Thisfinal payment amount can be sent to the device interface of the AFTScomputer system inside the store, cashier terminal, and/or the personalcommunication device of the consumer. In one aspect of the presentdisclosure, either the consumer or the store inputs the passcode, whichwas received by the personal communication device of the consumer, intothe store's device interface of the AFTS computer system or the cashierterminal when the consumer agrees to pay a final dollar amount.

The AFTS computer system can deduct the final payment amount from theconsumer's AFTS account if (1) the passcode has not expired yet, (2) thepasscode, the consumer's AFTS account and the store's AFTS account allmatch the pre-stored records inside the database when the passcode wasissued, and (3) there are sufficient funds (including credits) in theconsumer's AFTS account. Otherwise, the AFTS computer system rejects thetransaction and informs the store and/or the consumer of the rejection.

In another aspect of the present disclosure, when the consumer agrees topay the final payment amount, the consumer approves the transactionthrough a personal communication device and the approval is sent to theAFTS computer system from the personal communication device of theconsumer. The AFTS computer system may deduct the final payment amountfrom the consumer's AFTS account after receiving the approval from thepersonal communication device of the consumer if there are sufficientfunds (including credits) in the consumer's AFTS account.

In one aspect of the present disclosure, the AFTS computer systemdeducts a service fee from the final payment amount and transfers thebalance (i.e., the final payment amount minus the service fee) into anAFTS account of the store. This service fee is charged for providing thecoupon distribution service and payment transaction service to thestore. The service fee can be transferred to a house account of the AFTScomputer system because the fee is earned by the AFTS computer system.The funds in a house account of the AFTS computer system are owned andcontrolled by the AFTS computer system. This approach ensures that theoperator of the AFTS computer system gets paid for providing itsservices.

An AFTS account of a consumer (or a store) can be funded by traditionalfinancial instruments, electronic financial instruments, and credits bythe AFTS computer system. The funds inside an AFTS account of a consumer(or a store) can be transferred out to other accounts at other financialinstitutions using traditional financial instruments, electronicfinancial instruments, and debits by the AFTS computer system.

As a result, both the store and the consumer rely on the AFTS computersystem to (1) distribute the coupons to attract consumers insubstantially real time, (2) find the best available purchase optionsfor consumers in real time, and (3) complete the transactions based onthe coupons in real time. Therefore, there is no incentive to bypass theAFTS computer system. The AFTS computer system is guaranteed to receivea service fee when a transaction between a consumer and a store iscompleted because the AFTS computer system controls the entiretransaction process.

More importantly, consumers do not purchase any coupon or otherpromotional item in advance, and stores do not pay for any costs inadvance of distributing coupons or other promotional items. Furthermore,stores are guaranteed an outcome when they spend money on marketingcampaigns because the stores only pay fees for transactions completed asa result of the marketing campaigns. This is also anenvironment-friendly method because no paper is involved in thetransaction. Stores can better manage their inventories and get the bestvalue out of perishable goods or services through a timely promotion. Anaspect of the disclosure of the present disclosure provides an effectiveand efficient way to distribute coupons or other promotional items.

Although coupons are used in the above examples, other electronicfinancial instruments can also be used in similar manner, according tofurther aspects of the present disclosure.

Because all transactions conducted by the AFTS computer system are basedon the AFTS accounts and the AFTS accounts can be financed bytraditional financial instruments, payees of the AFTS computer systemaccept all traditional financial instruments used by payers. A payeewill receive funds through its AFTS account without knowing where theAFTS computer system obtains funds from the payer. As a result, a payercan travel worldwide without worrying about whether his financialinstruments are accepted worldwide. A payee can conduct business withall payers without worrying about whether the payers' financialinstruments are acceptable.

In summary, many different ways are disclosed in the presentspecification to protect a financial transaction against fraud. Aparticular aspect or a particular combination of aspects can be appliedfor a financial transaction based on the risk involved in the financialtransaction. Alternatively, the choice of a particular aspect or aparticular combination of aspects can be based on other commercialreasons.

One of many possible combinations is described below as an example. Thecomputer system of the Anti-Fraud Financial Transactions System (“AFTS”)500 and a network 600, such as the Internet, enable a consumer 100, afinancial institution 200, a retail store 300 and an online merchant 400to conduct secure financial transactions as shown in FIG. 1 .

Reference should now be made to the flowchart of FIG. 2 in combinationwith the system diagram of FIG. 1 , which together illustrate how aconsumer can open an account with the AFTS computer system 500.

First (block 2001), a consumer (i.e., new user) 100 provides herpersonal information to a device interface of the AFTS. The personalinformation may include personal identification information and theidentification information of a personal communication device of theconsumer 100. Then (block 2002), the consumer 100 sends her financialaccount identification to the AFTS computer system 500. The consumer'sfinancial account provides funding to the AFTS account of the consumer100. The AFTS authenticates the identity of the consumer 100 by theconventional standards used in the financial industry.

According to the authentication result, the device interface may take adifferent action (decision block 2003). If the consumer's identity isnot correct (NO branch 2004), for example, because the identity of theconsumer 100 cannot be authenticated, the device interface rejects theconsumer 100 attempt to open an account (block 2010).

If the consumer's identity is correct (YES branch 2005), for examplebecause an identity of the consumer 100 can be authenticated, the AFTScomputer system 500 determines whether the consumer 100 is on theblacklist used by the AFTS (decision block 2006). This blacklist mayinclude the information provided by government agencies (e.g., Office ofForeign Assets Control, etc.) and commercial organizations.

If the consumer 100 is on the blacklist (YES branch 2007), the consumeris prevented from opening an account (block 2010). If the consumer 100is not on the black list (NO branch 2008), the consumer is permitted toproceed with completing the process and opening an account with the AFTScomputer system 500 (block 2009).

After the consumer 100 opens an account with the AFTS computer system500, the consumer 100 can conduct secure financial transactions with aretail store 300 at a point of sale. The flowchart in FIGS. 3A and 3B incombination with the system diagram of FIG. 1 illustrate how thesetransactions are conducted.

The AFTS computer system 500 receives geolocation information of thepersonal communication device of the consumer 100 and the identificationinformation of the personal communication device (e.g., caller ID) ofthe consumer 100 (block 3001). The AFTS computer system 500 uses theidentification information of the personal communication device toidentify the AFTS account of the consumer 100 and sends a passcode tothe personal communication device of the consumer 100 (block 3002). Theconsumer 100 provides the retail store 300 with the passcode and theretail store 300 submits the passcode and a transaction amount to theAFTS computer system 500 via the network 600 (block 3003).

The AFTS computer system 500 determines if the passcode is valid(decision block 3004). If the passcode is not valid (NO branch 3005),the AFTS computer system 500 rejects the transaction (block 3014). Ifthe passcode is valid (YES branch 3006), the AFTS computer system 500determines if the distance between the retail store 300 and thegeolocation of the personal communication device of the consumer 100 iswithin a pre-defined distance (decision block 3007).

If the distance between the consumer 100 and the retail store 300 is notwithin the pre-defined distance (NO branch 3008), the AFTS computersystem 500 rejects the transaction (block 3014). If the distance betweenthe consumer 100 and the retail store 300 is within the pre-defineddistance (YES branch 3009), the AFTS computer system 500 determineswhether there is a sufficient amount of funds (including credits) in theconsumer's AFTS account for the transaction (decision block 3010).

If funds are insufficient (NO branch 3011), the AFTS computer system 500rejects the transaction (block 3014). If there are sufficient funds (YESbranch 3012), the AFTS computer system 500 completes the transaction(block 3013).

Sometimes, a retail store 300 may permit the consumer 100 to interactdirectly with a device interface in the retail store 300. In addition,an automatic checkout stand may expect the consumer 100 to interactdirectly with the checkout stand. Under such circumstances, theflowchart in FIGS. 4A and 4B in combination with the system diagram ofFIG. 1 illustrate how these transactions can be conducted on the AFTS.

A consumer 100 selects a store on her personal communication device. TheAFTS computer system 500 receives, from the personal communicationdevice of the consumer 100, (1) the selected store information and (2)the identification information of the personal communication device ofthe consumer 100 (block 4001). The AFTS computer system 500 uses theidentification information of the personal communication device toidentify the AFTS account of the consumer 100 and sends a passcode tothe personal communication device of the consumer 100 (block 4002). Theconsumer 100 enters the passcode into a device interface of an automaticcheckout stand of the retail store 300, and the passcode is sent to theAFTS computer system 500 from the retail store 300 via the network 600(block 4003).

The AFTS computer system 500 determines if the passcode is valid(decision block 4004). If the passcode is not valid (NO branch 4005),the AFTS computer system 500 rejects the transaction (block 4014). Ifthe passcode is valid (YES branch 4006), the AFTS computer system 500determines if the store from which the passcode was received matches thestore which the consumer 100 has selected (decision block 4007).

If the store from which the passcode was received does not match thestore that the consumer 100 selected (NO branch 4008), the AFTS computersystem 500 rejects the transaction (block 4014). If the store from whichthe passcode was received matches the store that the consumer 100selected (YES branch 4009), the AFTS computer system 500 determineswhether there are sufficient funds (including credits) in the consumer'sAFTS account to complete the transaction (decision block 4010).

If there are insufficient funds (NO branch 4011), the AFTS computersystem 500 rejects the transaction (block 3014). If there are sufficientfunds (YES branch 4012), the AFTS computer system 500 completes thetransaction (block 4013).

Sometimes, to reduce verbal communications or manual data entry during atransaction, a consumer 100 can use a graphical pattern (e.g., bar code)to complete a secure financial transaction. The graphic pattern can beproduced by the AFTS computer system 500 and sent to the personalcommunication device of the consumer 100. Alternatively, the graphicalpattern can be produced by the personal communication device of theconsumer 100 based on the information sent from the AFTS computer system500. The graphical pattern can be one dimensional, two dimensional orthree-dimensional. The flowchart in FIGS. 5A and 5B in combination withthe system diagram of FIG. 1 illustrate how this kind of transaction canbe conducted on the AFTS. Although a bar code is used in this example,other type of graphical patterns can also be used to achieve the samegoal.

The AFTS computer system 500 receives geolocation information of thepersonal communication device of the consumer 100 and the identificationinformation of the personal communication device of the consumer 100(block 5001). The AFTS computer system 500 uses the identificationinformation of the personal communication device to identify the AFTSaccount of the consumer 100 and sends a passcode to the personalcommunication device of the consumer 100 (block 5002). The passcode ispresented in a bar code format so that a device interface of the AFTS atthe retail store 300 can scan the bar code, translate the bar code intoa passcode, and send the passcode to the AFTS computer system 500 viathe network 600 (block 5003). The bar code can be produced by the AFTScomputer system 500 and then sent to the personal communication deviceof the consumer 100. Alternatively, the bar code can be produced by thepersonal communication device of the consumer 100 based on theinformation provided by the AFTS computer system 500.

The AFTS computer system 500 determines if the passcode is valid(decision block 5004). If the passcode is not valid (NO branch 5005),the AFTS computer system 500 rejects the transaction (block 5014). Ifthe passcode is valid (YES branch 5006), the AFTS computer system 500then determines if the distance between the retail store 300 and thegeolocation provided by the personal communication device of theconsumer 100 is within a pre-defined distance (decision block 5007).

If the distance between the consumer 100 and the retail store 300 is notwithin the pre-defined distance (NO branch 5008), the AFTS computersystem 500 rejects the transaction (block 5014). If the distance betweenthe consumer 100 and the retail store 300 is within the pre-defineddistance (YES branch 5009), the AFTS computer system 500 then determineswhether there are sufficient funds (including credits) in the consumer'sAFTS account to complete the transaction (decision block 5010).

If there are insufficient funds (NO branch 5011), the AFTS computersystem 500 rejects the transaction (block 5014). If there are sufficientfunds (YES branch 5012), the AFTS computer system 500 completes thetransaction (block 5013).

Furthermore, for online commercial activities, a consumer 100 mayinteract directly with the device interface provided by the onlinemerchant 400 via the network 600. Under such circumstances, theflowchart in FIGS. 6A and 6B in combination with the system diagram ofFIG. 1 illustrate how these transactions can be conducted on the AFTS.

The device interface of the online merchant 400 provides identificationinformation of the merchant. The AFTS computer system 500 receivesmerchant identification information from the consumer 100 and theidentification information of the personal communication device of theconsumer 100 (block 6001). The AFTS computer system 500 uses theidentification information of the personal communication device toidentify the AFTS account of the consumer 100 and sends a passcode tothe personal communication device of the consumer 100 (block 6002). Theconsumer 100 enters the passcode into the device interface provided bythe online merchant 400 (block 6003).

The AFTS computer system 500 determines if the passcode is valid(decision block 6004). If the passcode is not valid (NO branch 6005),the AFTS computer system 500 rejects the transaction (block 6014). Ifthe passcode is valid (YES branch 6006), the AFTS computer system 500then determines if the merchant from which the passcode was receivedmatches the merchant identification information received from theconsumer 100 (decision block 6007).

If the merchant from which the passcode was received does not match themerchant identification information received from the consumer 100 (NObranch 6008), the AFTS computer system 500 rejects the transaction(block 6014). If the merchant from whom the passcode was receivedmatches the merchant identification information received from theconsumer 100 (YES branch 6009), the AFTS computer system 500 determineswhether there are sufficient funds (including credits) in the consumer'sAFTS account to complete the transaction (decision block 6010).

If there are insufficient funds (NO branch 6011), the AFTS computersystem 500 rejects the transaction (block 6014). If there are sufficientfunds (YES branch 6012), the AFTS computer system 500 completes thetransaction (block 6013).

Although transactions between a consumer 100 and a retail store 300 orbetween a consumer 100 and an online merchant 400 are used in the aboveexamples, transactions between a consumer 100 and a financialinstitution 200, either in person or online, can also be conducted in asimilar manner. As a result, a geolocation of a party that conducts atransaction or information of a merchant selected by a consumer can beused to simplify the transactional process and enhance the security ofthe transaction in aspects of the present disclosure. For example, twoconsumers can also use aspects of the present disclosure to conductpeer-to-peer transactions. Those skilled in the art to which thisdisclosure pertains can appreciate that the present disclosure can beapplied to many different types of financial transactions betweendifferent kinds of parties.

The methodologies described herein may be implemented by various meansdepending upon the application. For example, these methodologies may beimplemented in hardware, firmware, software, or any combination thereof.For a hardware implementation, the processing may be implemented withinone or more application specific integrated circuits (ASICs), digitalsignal processors (DSPs), digital signal processing devices (DSPDs),programmable logic devices (PLDs), field programmable gate arrays(FPGAs), processors, controllers, micro-controllers, microprocessors,electronic devices, other electronic units designed to perform thefunctions described herein, or a combination thereof.

For a firmware and/or software implementation, the methodologies may beimplemented with modules (e.g., procedures, functions, and so on) thatperform the functions described herein. Any machine-readable mediumtangibly embodying instructions may be used in implementing themethodologies described herein. For example, software codes may bestored in a memory and executed by a processor. Memory may beimplemented within the processor or external to the processor. As usedherein, the term “memory” refers to any type of long term, short term,volatile, nonvolatile, or other memory and is not to be limited to anyparticular type of memory or number of memories, or type of media uponwhich memory is stored.

If implemented in firmware and/or software, the functions may be storedas one or more instructions or code on a computer-readable medium.Examples include computer-readable media encoded with a data structureand computer-readable media encoded with a computer program.Computer-readable media includes physical computer storage media. Astorage medium may be any available medium that can be accessed by acomputer. By way of example, and not limitation, such computer-readablemedia can comprise RAM, ROM, EEPROM, CD-ROM, DVD, or other optical diskstorage, magnetic disk storage or other magnetic storage devices, or anyother medium that can be used to store desired program code in the formof instructions or data structures and that can be accessed by acomputer; disk and disc, as used herein, includes compact disc (CD),laser disc, optical disc, digital versatile disc (DVD), floppy disk andblue-ray disc where disks usually reproduce data magnetically, whilediscs reproduce data optically with lasers. Combinations of the aboveshould also be included within the scope of computer-readable media.

In addition to storage on computer readable medium, instructions and/ordata may be provided as signals on transmission media included in acommunication apparatus. For example, a communication apparatus mayinclude a transceiver having signals indicative of instructions anddata. The instructions and data are configured to cause one or moreprocessors to implement the functions outlined in the claims. Thecommunication apparatus may not store all of the instructions and/ordata on a computer readable medium.

The aspects described in this disclosure can be assembled to form avariety of applications based on the need. Those skilled in the art andtechnology to which this disclosure pertains can appreciate thatalterations and changes in the described structure may be practicedwithout meaningfully departing from the principal, spirit and scope ofthis disclosure. Such alterations and changes should not be construed asdeviations from the present disclosure.

What is claimed is:
 1. A method for verifying a transaction at atransaction computer system, comprising: receiving, at the transactioncomputer system for completing transactions on behalf of a payerassociated with a payer computer system, an identification messageindicating device identification information of the payer computersystem and a first geolocation indicating a physical location of thepayer computer system, the device identification information comprisingdevice specific information that uniquely identifies the payer computersystem from other computer systems, the device identificationinformation being different than personal identification information andpersonal financial information of the payer, and the transactioncomputer system remotely located from the payer computer system;identifying, at the transaction computer system, a first account of thepayer corresponding to the device identification information, an accountnumber of the first account being different from the deviceidentification information; generating, at the transaction computersystem, a pass code for conducting a transaction with a payee based onidentifying the first account, the pass code having a pre-defined lifetime, and a length of the pass code being less than a length of theaccount number; associating, at the transaction computer system, thepass code and the first geolocation with the first account based ongenerating the pass code; transmitting, from the transaction computersystem to the payer computer system, the pass code; receiving, at thetransaction computer system from a payee computer system, the pass codepreviously transmitted to the payer computer system and a transactionvalue of a transaction between the payer and a payee associated with thepayee computer system, the payee computer system receiving the pass codevia a communication signal transmitted from the payer computer system,and the payer computer system receiving the pass code in lieu ofreceiving a financial instrument from the payee; identifying, at thetransaction computer system, the first account based on receiving thepass code from the payee computer system; calculating, at thetransaction computer system, a first distance between the firstgeolocation and a second geolocation associated with a physical locationof the payee computer system based on identifying the first account;calculating, at the transaction computer system, a second distancebetween the first geolocation and a third geolocation of a zip codeassociated with the first account based on identifying the firstaccount; and determining, at the transaction computer system, whether toverify the transaction between the payer and the payee based on both thefirst distance and the second distance: when the first distance is lessthan or equal to a first distance threshold and the second distance isless than or equal to a second distance threshold, the transaction isverified and an amount of money indicated in the transaction value istransferred from the first account to a second account of the payee, andwhen either the first distance is greater than the first distancethreshold or the second distance is greater than the second distancethreshold, the transaction is rejected.
 2. The method of claim 1, inwhich the transaction computer system comprises at least one of acomputer system, a personal communications device, a device interface,or a combination thereof.
 3. The method of claim 2, in which the deviceinterface comprises at least one of a keyboard, a keypad, a monitor, adisplay, a terminal, a computer, a control panel, a vehicle dash board,a network interface, a machinery interface, a video interface, an audiointerface, an electronic interface, a magnetic interface, anelectromagnetic interface including an electromagnetic wave interface,an optical interface, a light interface, an acoustic interface, acontactless interface, a mobile phone interface, a smartphone interface,a Smartbook interface, a Personal Digital Assistant (PDA) interface, ahandheld device interface, a portable device interface, a wirelessinterface, a wired interface, or a combination thereof.
 4. The method ofclaim 1, in which the payer computer system comprises at least one of acomputer system, a personal communications device, a device interface,or a combination thereof.
 5. The method of claim 4, in which the deviceinterface comprises at least one of a keyboard, a keypad, a monitor, adisplay, a terminal, a computer, a control panel, a vehicle dash board,a network interface, a machinery interface, a video interface, an audiointerface, an electronic interface, a magnetic interface, anelectromagnetic interface including an electromagnetic wave interface,an optical interface, a light interface, an acoustic interface, acontactless interface, a mobile phone interface, a smartphone interface,a Smartbook interface, a personal digital assistant (PDA) interface, ahandheld device interface, a portable device interface, a wirelessinterface, a wired interface, or a combination thereof.
 6. The method ofclaim 1, in which the payee computer system comprises at least one of acomputer system, a personal communications device, a device interface,or a combination thereof.
 7. The method of claim 6, in which the deviceinterface comprises a keyboard, a keypad, a monitor, a display, aterminal, a computer, a control panel, a vehicle dash board, a networkinterface, a machinery interface, a video interface, an audio interface,an electronic interface, a magnetic interface, an electromagneticinterface including an electromagnetic wave interface, an opticalinterface, a light interface, an acoustic interface, a contactlessinterface, a mobile phone interface, a smartphone interface, a Smartbookinterface, a personal digital assistant (PDA) interface, a handhelddevice interface, a portable device interface, a wireless interface, awired interface, or a combination thereof.
 8. The method of claim 1, inwhich the device identification information comprises at least one of atelephone number associated with the payer computer system, a subscriberidentification module (SIM) number associated with the payer computersystem, an Internet protocol (IP) address associated with the payercomputer system, or a combination thereof.